Last weekend, MacRumors first noticed that Apple's most recent security update was designed to fight a massive botnet woven from Macs infected with iWorm malware.
That malware, in turn, apparently came from pirated software: TheSafeMac reported on Oct. 4 that PirateBay user “aceprog” had uploaded various copies of commercial software, including Adobe Photoshop, Adobe Illustrator, Microsoft Office and Parallels, all of which contained the worm. Thus, anyone who installed copies of this software on their own Macs installed the malware right along with it.
So the easiest way to avoid this problem is “don't use pirated software,” and the second-easiest way to avoid it is “at least don't use pirated software from aceprog.”
SafeMac actually installed and tested some of this software on a special computer he uses only for malware testing (meaning: do not try this at home), and discovered something particularly odd about it:
I finally settled on installing a torrent client and using the torrent download link, which gave me a stolen copy of Photoshop CC 2014.
The item that got downloaded included some unsavory items that could be installed or opened to allow the stolen copy of Photoshop to run without a valid license, and although you couldn’t pay me to use any of these things on a real system, none of them turned out to be the problem. It turned out that the official-looking Photoshop installer had been modified.
That's what makes this worm particularly troubling: although it only appears to be on pirated copies of software, the worm itself is not in the “pirate-specific” code, but in the same software which might be found even in a legal copy.
That said: there's no evidence indicating that anyone with a legitimate copy of Photoshop CC 2014 or any of the other listed programs needs to worry. The reason “aceprog” and company slipped their malicious code-bits into software they put on the Pirate Bay is almost certainly because they couldn't get into, for example, the actual Adobe HQ (or wherever legitimate Photoshop software is produced).